diff --git a/src/Icons/Controllers/IconsController.cs b/src/Icons/Controllers/IconsController.cs index 52797a9e5..d6e827df0 100644 --- a/src/Icons/Controllers/IconsController.cs +++ b/src/Icons/Controllers/IconsController.cs @@ -69,7 +69,7 @@ namespace Bit.Icons.Controllers // Only cache not found and smaller images (<= 50kb) if(_iconsSettings.CacheEnabled && (icon == null || icon.Image.Length <= 50012)) { - _logger.LogWarning("Cache the icon for {0}.", domain); + _logger.LogInformation("Cache icon for {0}.", domain); _memoryCache.Set(mappedDomain, icon, new MemoryCacheEntryOptions { AbsoluteExpirationRelativeToNow = new TimeSpan(_iconsSettings.CacheHours, 0, 0), diff --git a/src/Icons/Services/IconFetchingService.cs b/src/Icons/Services/IconFetchingService.cs index e252a87e9..482d1abe0 100644 --- a/src/Icons/Services/IconFetchingService.cs +++ b/src/Icons/Services/IconFetchingService.cs @@ -8,6 +8,7 @@ using System.Threading.Tasks; using Bit.Icons.Models; using AngleSharp.Parser.Html; using Microsoft.Extensions.Logging; +using System.Text.RegularExpressions; namespace Bit.Icons.Services { @@ -31,10 +32,16 @@ namespace Bit.Icons.Services private readonly HashSet _allowedMediaTypes; private readonly HttpClient _httpClient; private readonly ILogger _logger; + private readonly Regex _ipRegex; public IconFetchingService(ILogger logger) { _logger = logger; + _ipRegex = new Regex("^" + + "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\." + + "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\." + + "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\." + + "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$"); _allowedMediaTypes = new HashSet { _pngMediaType, @@ -53,6 +60,12 @@ namespace Bit.Icons.Services public async Task GetIconAsync(string domain) { + if(_ipRegex.IsMatch(domain)) + { + _logger.LogWarning("IP address: {0}.", domain); + return null; + } + if(!Uri.TryCreate($"https://{domain}", UriKind.Absolute, out var parsedHttpsUri)) { _logger.LogWarning("Bad domain: {0}.", domain);